Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started
I am trying to determine if sharing a dashboard to an internal user via power bi service automatically shares the dashboard developer's database credentials. I work for a company that has a few government contracts and therefore is required to follow NIST regulations. I recently created a dashboard and was told by a member of our IT department that I could not share it to another user because they thought that power bi had the security flaw where whoever I shared it with would recieve my SQL credentials. I researched this, but have not been able to find anything referencing this supposed security flaw, except for one post from 2015 (below) that mentioned this security issue if you use the SSAS connector, which I didn't because I imported the data and setup a gateway to refresh. (https://community.powerbi.com/t5/Integrations-with-Files-and/Sharing-dashboards-security-issue/td-p/...)
Does anyone know if this is an actual security issue, and if so whether it has been fixed or any possible ways to work around it?
Thanks for the help!!
I am trying to determine if sharing a dashboard to an internal user via power bi service automatically shares the dashboard developer's database credentials. I work for a company that has a few government contracts and therefore is required to follow NIST regulations. I recently created a dashboard and was told by a member of our IT department that I could not share it to another user because they thought that power bi had the security flaw where whoever I shared it with would recieve my SQL credentials. I researched this, but have not been able to find anything referencing this supposed security flaw, except for one post from 2015 (below) that mentioned this security issue if you use the SSAS connector, which I didn't because I imported the data and setup a gateway to refresh. (https://community.powerbi.com/t5/Integrations-with-Files-and/Sharing-dashboards-security-issue/td-p/...)
Does anyone know if this is an actual security issue, and if so whether it has been fixed or any possible ways to work around it?
Thanks for the help!!
Hi @Anonymous,
If you are using SSAS and RLS as your data source then the appropriate RLS should be applied for each using access the dashboard.
However, if you are using another type of datasource in your dashboard the data will be refresh according to the data set roles are setup in the Power BI file. Therefere, a SQL database will show data per the user account used on the setup of the report. The work around is to setup RLS inside the data model in Power BI.
Hope this makes sense. See the details below:
Power BI RLS: https://docs.microsoft.com/en-us/power-bi/service-admin-rls
SSAS RLS: https://docs.microsoft.com/en-us/power-bi/desktop-tutorial-row-level-security-onprem-ssas-tabular
Okay thanks for the help. I have applied RLS and am not using SSAS.. I can't find any security issues with the Power BI file but am up against an IT department that is not much help because they have their own BI solution that they want to implement... sigh..
Check out the September 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.